Agencies express interest in Windows sealant
- By Frank Tiboni
- Jun 21, 2004
Amid the growing understanding of the importance of information technology, officials at a number of small but influential agencies — such as the Executive Office of the President — are considering using a new automated technology that developers say can lock down most if not all of the vulnerabilities in Microsoft Corp.'s Windows operating system.
ImmuneEngine, developed by BBX Technologies Inc. of Nashville, Tenn., was designed to eliminate many of the Windows security vulnerabilities that have plagued agencies in recent years.
However, many officials are reluctant to discuss security issues or the measures they are taking to combat them for fear of eliciting attacks. But ImmuneEngine proved so successful during a pilot test earlier this year that the software was loaded on a second classified network in the office, company officials said.
Some experts who have reviewed how ImmuneEngine works say it could significantly improve the way government and industry officials defend their networks — without the pitfalls of many security fixes.
"You don't need a virus detector anymore," said a former military official who is familiar with the product.
Bob Terry, BBX Technologies' chairman and chief technical officer, said he began developing ImmuneEngine in 2000 after a senior official at an intelligence agency asked him what Terry could do to help the Defense Department better protect its networks.
"The official said, 'Come up with a new technology so that we never have to depend on virus file signature updates ever again,' " said Terry, a former Marine Corps officer.
In 10 months, Terry developed the ImmuneEngine prototype. Four years and millions of lines of code later, he believes the product is now able to lock down Windows. He claims there has not been a successful hack of a system running ImmuneEngine in the past two-and-a-half years.
Terry said Version 8.1 guards national security information in the White House. He would not discuss what data it protects.
Carlos Solari, chief information officer in the Executive Office of the President, declined to comment on the office's use of ImmuneEngine. Lisa Meyer, a spokeswoman for Unisys Corp., the company that provides IT services to the president's office, also declined to comment. Both cited national security concerns.
Terry said Army and DHS officials have also inquired about using ImmuneEngine.
Col. Thaddeus Dmuchowski, director of information assurance at the Network Enterprise Technology Command, confirmed that Army leaders are aware of the company and the product.
"Operating system wrapper technology is relatively new," Dmuchowski said. "It shows great potential and could have many applications in a complex dynamic environment. Although we are interested in the technology, we cannot address the merits of any particular company or its product."
When asked if the Army plans to test or use ImmuneEngine, he said, "The Army is always looking at new technologies to evaluate their usefulness and compatibility with our business models. This type of technology may be useful in expanding defense-in-depth concepts."
Defense-in-depth refers to the military's strategy of using several layers of hardware and software to protect networks.
Officials at DOD, and particularly the Army, have been intensifying their cybersecurity efforts after an increased number of intrusion attempts on their networks.
"Business as usual is not what the Army is looking for," said the former military official familiar with ImmuneEngine.
Valerie Smith, a DHS spokeswoman, confirmed that department officials discussed the product with BBX Technologies representatives. But she stressed that such meetings are not unusual. "DHS officials meet with as many businesses as possible," she said. "The department relies on the entrepreneurial spirit of them to meet its mission."
Terry said other DOD agencies have inquired about ImmuneEngine, but he would not name them. Tim Madden, a spokesman for Joint Task Force-Global Network Operations (JTF-GNO), which oversees military network defense, said organization officials do not discuss operations or investigations.
"To protect the capability of DOD computer networks and systems to send and receive information that is free from distortion and manipulation, the JTF-GNO uses commercial off-the-shelf and government off-the-shelf software and hardware applications," Madden said. "As a matter of policy and for operational reasons, we do not discuss specifics regarding applications that are or may be used for that purpose."
But Robert Taylor, CIO for Fulton County, Ga., was happy to discuss ImmuneEngine. Workers in his office started using the product in April, and they have reported no suspicious activity on their computers since then.
"We [were] looking for something to assist us in better protecting our desktops," Taylor said.
County officials tested ImmuneEngine in March on 15 computers operating various versions of Windows with different security patches. They tried to delete files and modify registries — and even introduced the Welchia worm. The software was able to successfully defend the system every time.
"I was impressed," said Rod Smith, the county's chief security officer who oversaw the laboratory testing. He said ImmuneEngine might be the best IT security product he has tested and worked with during his nine years in the computer field.
Taylor said 15 people in his office now use ImmuneEngine, and he plans to continue deploying the product until it protects the county's 6,000 computers across metropolitan Atlanta.
Microsoft officials declined to comment on the software. Keith Hodson, spokesman for the company's government business, said IT security officials there are aware of BBX Technologies and ImmuneEngine, but Microsoft officials cannot comment on a third-party product they never evaluated.
"It's important to know that no product can ever be, or make another product, completely impenetrable," Hodson said. "Security is an industrywide concern, and it's important to know that Microsoft and its partners are working on the issue."
Alan Paller, director of research for the SANS Institute, a nonprofit organization that monitors computer security, said that although he is not familiar with ImmuneEngine, "host-based prevention is a massively important wave of the future."
The product's effectiveness in protecting computers and information at the White House has launched a new debate among some government officials who wonder if they want a technology that locks down Windows available worldwide.
"Some people don't want it out because it's pretty easy to attack computers now," said an industry official who requested anonymity. The official said some government experts who wage computer attacks against enemies' networks believe ImmuneEngine could make their jobs more difficult.
However, those who defend government computer networks want to use the software. "They say, 'We want to secure our systems. We want to stop unauthorized programs from getting in,' " the official said.